Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
daniel king vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-7257
CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software prior to 8.1(2) allows remote malicious users to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocati...
Cisco Asa 5580 8.1\\(1\\)
1 EDB exploit
4.9
CVSSv2
CVE-2015-4692
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel up to and including 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl ...
Linux Linux Kernel
1 Article
4.6
CVSSv2
CVE-2015-5706
Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x prior to 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup op...
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Debian Debian Linux 8.0
2.1
CVSSv2
CVE-2015-5697
The get_bitmap_file function in drivers/md/md.c in the Linux kernel prior to 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
Linux Linux Kernel
4.6
CVSSv2
CVE-2015-5707
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x up to and including 4.x prior to 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 11
4.3
CVSSv2
CVE-2009-3565
Multiple cross-site scripting (XSS) vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager (NSM) prior to 5.1.11.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) iaction or (2) node parameter.
Mcafee Intrushield Network Security Manager 5.1.7.73
Mcafee Intrushield Network Security Manager 5.1.7.7
Mcafee Intrushield Network Security Manager
2 EDB exploits
4.3
CVSSv2
CVE-2009-3566
McAfee IntruShield Network Security Manager (NSM) prior to 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote malicious users to hijack a session by leveraging a cross-site scripting (XSS) vulnerability.
Mcafee Intrushield Network Security Manager 5.1.7.73
Mcafee Intrushield Network Security Manager 5.1.7.7
Mcafee Intrushield Network Security Manager
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started